IoT Security Analyst

Location: Hemel Hempstead

Job Type: Permanent, Full-time

Salary: Up to £60,000 dependant on experience

Are you an experienced cyber security professional seeking a diverse and meaningful career in IoT cyber security standards? With exposure to an array of smart home and connected IoT devices, your role as our IOT Security Analyst/Test Engineer will involve conducting security testing of IoT smart devices for our global clients, to ensure products meet security compliance to the relevant regulatory cybersecurity schemes under type test and audit tests.

• Assessing the security of connected (IoT) devices across their lifecycle, from firmware to communication interfaces
• Assist to maintain and improve test techniques for the IoT laboratory
• To Research and identify new potential test equipment for the IoT laboratory
• Ensure that test SMOs are booked, time sheeted and billed correctly
• Support the maintenance of The UKAS accreditation for the IoT laboratory, ensuring that compliance processes are established, implemented, and maintained and ensuring that they continue to meet accreditation requirements and remains effective, efficient and fit for purpose
• To provide technical assistance with BSI customers, during any potential certification journey
• To manage client's samples and testing to ensure that agreed timelines are met for the testing of samples
• To assist in the maintenance and continuous improvement on automated reporting tools

• Experience managing and operating Linux and Windows systems
• Experience in hardware (electronics) cybersecurity testing
• Experience in infrastructure cybersecurity testing
• Familiarity with compliance cybersecurity standards, such as:
  • ETSI EN 303 645 / TS 103 701
  • IEC 62443-4
  • EN 18031
  • UL 2900
  • OWASP ASVS / MASVS
• Familiarity / Experience with standards for competence of testing and calibration (EN ISO/IEC 17025)
• Some demonstrable practical experience with IoT devices/applications
• Some practical experience with at least one high level programming language
• Experience with professional technical report writing.
• Good communication skills and the ability to write clear and concise reports

• Knowledge / experience in Industrial Control systems (Cybersecurity aspects)
• Knowledge / experience in any of the following communication technologies:
  • Mobile (2G/3G/4G/5G)
  • Bluetooth.
  • ZigBee
  • Z-Wave
  • Lora WAN
  • NB-IoT
• Experience with working with front-end and back-end systems
• Experience of: CREST (any from the Incident response family)
• Offensive security (PEN-200, PEN-210, PEN-300)
• Cyber-Scheme (CSFL, CSTM, CSTL)

BSI offers a competitive total reward package, an independent and varied job in an international environment, flexible working hours, ongoing training and development with the inclusion of Annual Bonus, Contribution Based Pension, Private Healthcare, 27 Days Annual Leave + Bank Holidays, Life Assurance.

BSI is a business improvement and standards company and for over a century BSI has been recognized for having a positive impact on organizations and society, building trust and enhancing lives. Today BSI partners with more than 77,500 clients in 195 countries and engages with a 15,000 strong global community of experts, industry and consumer groups, organizations and governments. BSI delivers on its purpose by helping its clients fulfill theirs. Living by our core values of Client-Centricity, Agility, and Collaboration, BSI provides organizations with the confidence to grow by partnering with them to tackle society's critical issues. BSI is an Equal Opportunity Employer dedicated to fostering a diverse and inclusive workplace.